ms['last'] = int(ds) ms['l_id'] = ev # false positive elif int(ty) == 1: misp_fp = True misp_fp_ts = ds misp_fp_id = ev if misp_fp is True: record['misp_value'] = misp_value record['misp_fp'] = "True" record['misp_fp_timestamp'] = str(misp_fp_ts) record['misp_fp_event_id'] = str(misp_fp_id) if ms_seen is True: record['misp_value'] = misp_value record['misp_count'] = str(ms['count']) record['misp_first'] = str(ms['first']) record['misp_first_event_id'] = str(ms['f_id']) record['misp_last'] = str(ms['last']) record['misp_last_event_id'] = str(ms['l_id']) yield record if __name__ == "__main__": # set up custom logger for the app commands logging.root loglevel = logging_level('misp42splunk') logging.root.setLevel(loglevel) logging.error('logging level is set to %s', loglevel) logging.error('PYTHON VERSION: ' + sys.version) dispatch(MispSightCommand, sys.argv, sys.stdin, sys.stdout, __name__)
to_ids.append(r['misp_to_ids']) v['misp_to_ids'] = to_ids category = v['misp_category'] # append if r['misp_category'] not in category: category.append(r['misp_category']) v['misp_category'] = category attribute_uuid = v['misp_attribute_uuid'] if r['misp_attribute_uuid'] not in attribute_uuid: attribute_uuid.append(r['misp_attribute_uuid']) v['misp_attribute_uuid'] = attribute_uuid if is_object_member is False: misp_type = r['misp_type'] \ + '|' + v['misp_type'] v['misp_type'] = misp_type misp_value = r['misp_value'] + \ '|' + v['misp_value'] v['misp_value'] = misp_value output_dict[key] = dict(v) for k, v in list(output_dict.items()): yield v if __name__ == "__main__": # set up logging suitable for splunkd consumption logging.root loglevel = logging_level() logging.error('logging level is set to %s', loglevel) logging.root.setLevel(loglevel) dispatch(mispgetevent, sys.argv, sys.stdin, sys.stdout, __name__)
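def set_log_level(self):
    """Set the root logger's level from the app's configured level.

    The threshold comes from ``logging_level('misp42splunk')`` (project
    helper defined outside this block) and is applied to the root logger.
    The level and interpreter version are then reported with
    ``logging.error`` — presumably so they surface regardless of the
    configured threshold; keep that severity, other components may
    depend on finding these lines. Message text is unchanged.
    """
    loglevel = logging_level('misp42splunk')
    logging.root.setLevel(loglevel)
    # Lazy %-args instead of string concatenation; output is identical.
    logging.error('[SI-101] logging level is set to %s', loglevel)
    logging.error('[SI-102] PYTHON VERSION: %s', sys.version)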